Howto zimbra: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
Line 126: Line 126:
  80C2EBFDFB7F0000:error:1180006D:PKCS12 routines:PKCS12_set_mac:mac generation error:crypto/pkcs12/p12_mutl.c:220:
  80C2EBFDFB7F0000:error:1180006D:PKCS12 routines:PKCS12_set_mac:mac generation error:crypto/pkcs12/p12_mutl.c:220:
to fix this error edit /opt/zimbra/bin/zmcertmgr:
to fix this error edit /opt/zimbra/bin/zmcertmgr:
  1821     - "pass:$kpass", "2>&1"
  # add the following on line 1821  
    1821 + "pass:$kpass", "-nomac",  "2>&1"
  "pass:$kpass", "-nomac",  "2>&1"
  # add the following on line 1879
  "pass:$kpass", "-nomac",  "2>&1"


= references =
= references =

Revision as of 02:21, 22 June 2024

compile zimbra

install podman:

https://wiki.vidalinux.org/index.php/Howto_podman#install_podman_ubuntu

for ubuntu 18.04:

https://hub.docker.com/r/ovox/zimbrabuild-ubuntu18

for ubuntu 20.04:

https://hub.docker.com/r/ovox/zimbrabuild-ubuntu20

for centos7:

https://hub.docker.com/r/ovox/zimbrabuild-centos7

for almalinux8:

https://hub.docker.com/r/ovox/zimbrabuild-alma8

install zimbra

install the following packages for ubuntu :

apt-get update && apt-get -y install sqlite3 bind9-dnsutils perl perl-base perl-modules nano sudo libpcre3 libgmp10 unzip libgmp3-dev sysstat libexpat1 wget language-pack-en libaio1 pax dnsmasq net-tools

install the following packages rhel:

yum -y install wget nmap-ncat unzip perl-core openssh-clients sysstat net-tools ntpl sudo libidn libstdc++.so.6 gmp libaio dnsmasq       

set hostname:

hostnamectl set-hostname vidalinux.net

configure /etc/hosts:

127.0.0.1 localhost
192.168.24.45 vidalinux.net mail.vidalinux.net

configure domain:

cat >> /etc/dnsmasq.conf << EOF
listen-address=127.0.0.1
interface=eth0
expand-hosts
domain=vidalinux.net
server=4.2.2.1
server=4.2.2.2
address=/.vidalinux.net/127.0.0.1
address=/.vidalinux.net/192.168.24.45
mx-host=vidalinux.net,mail.vidalinux.com,1
addn-hosts=/etc/hosts
cache-size=9500
EOF

make sure systemd-resolved is disable:

systemctl stop systemd-resolved.service
systemctl disable systemd-resolved.service

start and enable dnsmasq:

systemctl enable dnsmasq.service
systemctl start dnsmasq.service

configure /etc/resolv.conf:

nameserver 127.0.0.1

test your dns:

nslookup vidalinux.net

decompress zimbra archive:

cd ~/ubuntu20/volume/UBUNTU20_64-DAFFODIL-1000-20230413144723-FOSS-0001
tar xvf zcs-10.0.0_GA_0001.UBUNTU20_64.20230413144723.tgz
cd zcs-10.0.0_GA_0001.UBUNTU20_64.20230413144723

run zimbra installer:

./install.sh

make sure to block updates to any zimbra packages:

apt-mark hold zip zimbra-*

access zimbra web interface:

https://vidalinux.net/

access zimbra web administration interface:

https://vidalinux.net:7071

fix webgui error

if you have an error 404 url not found entering the webui use the following command to fix the issue:

su - zimbra -c "zmprov mcf zimbraModernWebClientDisabled TRUE" && /etc/init.d/zimbra restart

07-24-2024

this is a hack to fix error when "Installing mailboxd SSL certificates":

/opt/zimbra/mailboxd/etc/keystore didn't exist.
Mon Jul 24 20:49:39 2023 *** Running as zimbra user: /opt/zimbra/bin/zmcertmgr.bk deploycrt self
** Installing imapd certificate '/opt/zimbra/conf/imapd.crt' and key '/opt/zimbra/conf/imapd.key'
** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/imapd.crt'
** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/imapd.key'
** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'
ERROR: openssl pkcs12 export to '/opt/zimbra/ssl/zimbra/jetty.pkcs12' failed(1):
pkcs12: Unrecognized flag propquery
pkcs12: Use -help for summary.

run the installer, when installation stop do the following:

wget https://pastebin.com/raw/a9Ts3sg9 -O zimbracertmgr.patch
patch /opt/zimbra/bin/zmcertmgr < zimbracertmgr.patch
chattr +i /opt/zimbra/bin/zmcertmgr

run the setup script to finish installation:

/opt/zimbra/libexec/zmsetup.pl

install new theme for zimbra

for ubuntu:

wget https://download.zextras.com/zextras-theme-installer/latest/zextras-theme-ubuntu.tgz && tar xvf zextras-theme-ubuntu.tgz && cd zextras-theme-installer/packages && dpkg -i zextras-theme_1.0.1_amd64.deb && /etc/init.d/zimbra restart 

for centos:

wget https://download.zextras.com/zextras-theme-installer/latest/zextras-theme-centos.tgz && tar xvf zextras-theme-centos.tgz && cd zextras-theme-installer/packages && rpm -ivh zextras-theme-1.0.1.x86_64.rpm && /etc/init.d/zimbra restart

install ssl certificate

script for installing ssl certificate:

cat > /usr/local/bin/install-cert-zimbra << "EOF"
#!/bin/bash
 
DOMAIN=vidalinux.net
CERT_DIR=/root/certificates
CERT_KEY=$DOMAIN.key
CERT_CRT=$DOMAIN.crt
CERT_ROOT=root.pem
SSL_DIR=/opt/zimbra/ssl/letsencrypt

if [ ! -d ${SSL_DIR} ];
then
echo "creating ssl tmp directory"
mkdir -p ${SSL_DIR}
fi
echo "copying certificates to zimbra directory"
rm -rf $SSL_DIR/*
cp $CERT_DIR/* $SSL_DIR/
cp $CERT_DIR/$CERT_KEY /opt/zimbra/ssl/zimbra/commercial/commercial.key
chown -R zimbra.zimbra $SSL_DIR/ /opt/zimbra/ssl/zimbra/commercial/commercial.key
echo "verifying letsencrypt ssl certificates"
su - zimbra -c "/opt/zimbra/bin/zmcertmgr verifycrt comm $SSL_DIR/$CERT_KEY $SSL_DIR/$CERT_CRT $SSL_DIR/$CERT_ROOT"
echo "install letsencrypt ssl certificates"
su - zimbra -c "/opt/zimbra/bin/zmcertmgr deploycrt comm $SSL_DIR/$CERT_CRT $SSL_DIR/$CERT_ROOT"
echo "restarting zimbra services"
/etc/init.d/zimbra restart
EOF

fix file permissions:

chmod +x /usr/local/bin/install-cert-zimbra

run the script as root:

install-cert-zimbra

got the following error when installing new certificate:

** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'
ERROR: openssl pkcs12 export to '/opt/zimbra/ssl/zimbra/jetty.pkcs12' failed(1):
Error creating PKCS12 MAC; no PKCS12KDF support?
Use -nomac if MAC not required and PKCS12KDF support not available.
80C2EBFDFB7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (PKCS12KDF : 192), Properties (<null>)
80C2EBFDFB7F0000:error:1180006B:PKCS12 routines:pkcs12_gen_mac:key gen error:crypto/pkcs12/p12_mutl.c:147:
80C2EBFDFB7F0000:error:1180006D:PKCS12 routines:PKCS12_set_mac:mac generation error:crypto/pkcs12/p12_mutl.c:220:

to fix this error edit /opt/zimbra/bin/zmcertmgr:

# add the following on line 1821 
"pass:$kpass", "-nomac",  "2>&1"
# add the following on line 1879
"pass:$kpass", "-nomac",  "2>&1"

references